Live chat

Linux Virtual Server

12th September 2012

in High Availability

Loadbalancing an internal webserver behind two Microsoft TMG 2010 servers at layer4 using DR mode

Posted by Theo Harvey 12th September in High Availability

We were looking at Microsoft's new TMG server and load balancing and after a search of the web found there was not really any Guide on how to load balance incoming web connections via two TMG servers to an internal NAT'ed web sever at Layer 4. The TMG servers are effectivley acting as WAFs (Web Application Firewalls) for the incomming traffic. They require the traffic to be transparent (so they can inspect the client source IP address), so layer 4  DR mode is a logical choice. The main problems were getting the required loopback adapter on the TMG servers to function correctly. So this is how we got it to work:

Continue reading...
6th September 2011

in High Availability

Load balancing Microsoft Print Server

Posted by Rob Cooper 6th September in High Availability

Microsoft print server provides a great way to share printers throughout your organisation, but when the print server service falls over, the phone quickly starts to ring. By adding a load balancer and a second print server configured with the same print queues , you'll quickly have a load balanced and resilient printing infrastructure for your users.

Continue reading...
9th August 2010

in Linux Virtual Server

Enabling SNAT in LVS (xt_ipvs) and iptables

Posted by Mark Brookes 9th August in Linux Virtual Server

Just a brief guide on how to enable SNAT in LVS with iptables. Firstly this is all very bleeding edge and as yet has not made it into the current kernel it should be in 2.6.36 with a new version of iptables released not long after that. But for those of you far to eager to use this already here is what you do. N.B I will also go through the process of enabling it so if your reading this and 2.6.36 is available as is the latest version of iptables you can probably skip the start of this article.

Continue reading...
28th July 2008

in Linux

LVS Local node patch for Linux 2.6.25, Centos 5 kernel build how-to

Posted by Malcolm Turnbull 28th July in Linux

Standard Kernel builds of LVS (Linux Vitual Server) don't have the ability to load balance traffic that is from the local node. For example if you terminated some SSL traffic using stunnel or pound on the load balancer you then wouldn't be able to forward that traffic to a backend real server through LVS. First many thanks to Siim Põder for helping to port Carlos Lozano's patch from 2.4 -> 2.6 In order to run an SSL reverse proxy on the same node that is running LVS i.e. External client ---> pound:443 --> Local:443 ---> IPVS:80 ---> RealServer The patch for Linux Kernel 2.6.25 is here: The following is a guide how to install on Centos 5.1:

Continue reading...
1st July 2008

in Linux Virtual Server

Load Balancing via Direct Routing has several key advantages over NAT based methods

Posted by Malcolm Turnbull 1st July in Linux Virtual Server

One of the (many) traditional problems with load balancing is the requirement to change your infrastructure in order to implement a hardware load balancer. Traditional DNS based round robin was easy as you just added extra IP addresses to your A record, but when using a hardware load balancer you need to get it between your clients and your servers. Some of the original units such as the CISCO 416 local re-director could be used in 'bridge mode' where traffic was physically forced to pass through the load balancer hardware and the packets were changed on the fly. Although this was fairly transparent it introduced a single point of failure in the load balancer unit. Most recent load balancer hardware is configured in NAT mode (like a firewall) where traffic is translated from an external subnet to an internal one while carrying out the load balancing of packets.

Continue reading...